package com.darren.framework.shiro;


import com.darren.archive.entity.SysFunction;
import com.darren.archive.entity.SysUser;
import com.darren.archive.service.SysFunctionService;
import com.darren.archive.service.SysUserService;
import com.darren.framework.Exception.ArchiveException;
import com.darren.framework.utils.StringUtils;
import net.bytebuddy.implementation.bytecode.Throw;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import javax.annotation.Resource;
import java.util.List;


public class MyStatelessRealm extends AuthorizingRealm {

    Logger logger = LoggerFactory.getLogger(getClass());

    @Resource
    private SysFunctionService sysFunctionService;

    @Autowired
    private SysUserService sysUserService;


    public boolean supports(AuthenticationToken token) {
        return token instanceof UsernamePasswordToken;
    }

    /**
     * 功能授权，注入权限，通过注解方式在请求得时候验证是否有权限操作
     * 在controller层注解得两种使用   @RequiresRoles(value = "") 通过角色验证
     *
     * @param principalCollection
     * @return
     * @RequiresPermissions(value = "") 通过权限验证     *
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        logger.info("Realm处理授权");
        SysUser sysUser = (SysUser) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        logger.info("--------------------------授权--------------------------");
        if (!sysUser.isEditable()) {
            authorizationInfo.addRole("admin");
            authorizationInfo.addStringPermission("*:*:*");
        } else {
            List<SysFunction> userFunctions = sysFunctionService.getEnableSysFunctionByUserId(sysUser.getId());
            for (SysFunction sysFunction : userFunctions) {
                if (!StringUtils.isEmpty(sysFunction.getPermission())) {
                    authorizationInfo.addStringPermission(sysFunction.getPermission());
                }
            }
        }
        return authorizationInfo;
    }


    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("--------------------------认证--------------------------");
        logger.info("Realm处理登录");
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        String userAccount = usernamePasswordToken.getUsername();
        SysUser sysUser = sysUserService.findByUserAccountOrMobile(userAccount);
        if(sysUser.isEditable() && sysUser.isEnable() == false){
            throw new ArchiveException(String.format("帐户【%s】已被禁用，请联系管理员。",sysUser.getUserAccount()));
        }
        return new SimpleAuthenticationInfo(sysUser, userAccount, getName());
    }

}